So You Wanna Find Bugs In The Linux Kernel? Slides of the talk presented by sam4k at TyphoonCon🌪️. The talk gives an overview of the Linux kernel vulnerability research area and suggests approaches and tools for finding bugs. typhooncon.com/wp-content/upl…

Virtual Escape; Real Reward: Introducing Google’s kvmCTF Google started a vulnerability reward program for the Kernel-based Virtual Machine (KVM) hypervisor focused on zero-day bugs. security.googleblog.com/2024/06/virtua…

A deep dive into CVE-2023-2163: How we found and fixed an eBPF Linux Kernel Vulnerability An article by 那个饺子🦆(JJ) and Meador Inge about exploiting a bug in the eBPF subsystem found with buzzer. bughunters.google.com/blog/630322602…

Listen Up: Sonos Over-The-Air Remote Kernel Exploitation and Covert Wiretap A talk and an article by Robert Herrera, Alex Plaskett about remotely exploiting a bug in the Wi-Fi driver of the Sonos One smart speaker. Slides: i.blackhat.com/BH-US-24/Prese… Article: nccgroup.com/media/uzbp3ttw…

CVE-2022-22265: Samsung NPU driver An article by Javier P Rufo about exploiting a slab double-free in the Samsung's NPU driver via the Dirty Pagetable technique. soez.github.io/posts/CVE-2022…

SSD Advisory — Linux kernel TAPRIO OOB An article about exploiting an RCU-involved race condition in the TAPRIO network queuing discipline implementation. The exploit is by kylebot. ssd-disclosure.com/ssd-advisory-l…

CVE-2020-27786 (Race Condition + Use-After-Free) An article by ii4gsp about exploiting a racy use-after-free in the MIDI subsystem. ii4gsp.github.io/cve-2020-27786/

GPUAF: Using a general GPU exploit tech to attack Pixel 8 A talk by @peterpan980927 and Billy about leveraging an integer overflow bug in the Mali GPU driver to gain use-after-free access to physical pages and escalate privileges on Pixel 8. youtube.com/watch?v=Mw6iCq…